<?PHP

include("dbconnect.php");

//Convert field values to variables
$UserName = $_POST['UserName'];
$Password = md5($_POST['Password']);

//Check database for username and password
$result = mssql_query("select * from Users where UserName = '$UserName' AND Password = '$Password'");

//Check that at least one row was returned
$rowCheck = mssql_num_rows($result);

//Check if anything was returned by the query
if($rowCheck == 1){

  	//Start and register the session
	session_register('UserName');
	session_register('Password');
  	session_start();
 		
  	echo 'Success!';
  	
}
else {
	//Unsuccessful login
	echo 'Incorrect username or password!';
}

//header('Location:index.php');

?>